# tar zxf mongodb-linux-x86_64-rhel70-3.4.2.tgz
# cp -r mongodb-linux-x86_64-rhel70-3.4.2 /opt/app/mongodb
# mkdir -pv /opt/logs/mongodb /opt/data/mongodb /opt/run/mongodb /opt/app/mongodb/conf /opt/keys/mongodb/
# 配置副本集认证 keyFile 文件,把这个文件复制到其他机器对应目录(如果密钥文件里面有“=”,务必要删除,不能识别)。
# openssl rand -base64 512 > /opt/keys/mongodb/keyfile
# chmod 400 /opt/keys/mongodb/keyfile
# cd /opt/app/mongodb/conf
# touch mongodb.conf
# vim mongodb.conf
........................
mongodb.conf..............................
# mongod config
systemLog:
destination: file
path: "/opt/logs/mongodb/mongodb.log"
logAppend: true
storage:
engine: "wiredTiger"
dbPath: "/opt/data/mongodb"
directoryPerDB: true
journal:
enabled: true
wiredTiger:
engineConfig:
cacheSizeGB: 5
security:
keyFile: "/opt/keys/mongodb/keyfile"
clusterAuthMode: "keyFile"
authorization: "enabled"
processManagement:
fork: true
pidFilePath: "/opt/run/mongodb/mongodb.pid"
net:
bindIp: "0.0.0.0"
port: 27017
http:
enabled: true
RESTInterfaceEnabled: true
replication:
replSetName: "goldyeah"
oplogSizeMB: 10000
operationProfiling:
slowOpThresholdMs: 100
mode: "slowOp"
...........................end............................
上述步骤在其他两台机器上重复执行。
# cd /opt/script
# touch mongodb.sh && chmod +x mongodb.sh
# vim mongodb.sh
.............................
mongodb.sh.....................................
#!/bin/bash
start()
{
echo "never" > /sys/kernel/mm/transparent_hugepage/defrag
echo "never" > /sys/kernel/mm/transparent_hugepage/enabled
/opt/app/mongodb/bin/mongod --config /opt/app/mongodb/conf/mongodb.conf
}
stop()
{
/opt/app/mongodb/bin/mongod --config /opt/app/mongodb/conf/mongodb.conf --shutdown
}
if [ "$1" == "start" ]
then
start
elif [ "$1" == "stop" ]
then
stop
else
echo "only input start or stop"
fi
.............................end...................................
创建 mongodb 副本集,先启动三台 mongodb ,登录其中一台
# /opt/app/mongodb/bin/mongo
# 首先,添加集群配置
> config={_id:"debset",members:[{_id:0,host:"
192.168.0.1:27017"},{_id:1,host:"
192.168.0.2:27017"},{_id:2,host:"
192.168.0.3:27017"}]}
# 然后,初始化集群配置
> rs.initiate(config)
# 最后,可以看看集群状态
dbset:SECONDARY> rs.status()
# mongodb 添加用户身份认证
dbset:PRIMARY> use admin
dbset:PRIMARY> db.createUser( { user:'root', pwd:'net,admin168', roles:[{role:'userAdmin',db:'admin'},{role:'readWrite',db:'admin'},{role:'userAdminAnyDatabase',db:'admin'},{ role:'clusterAdmin',db:'admin' }, { role:'clusterManager',db:'admin' }] } )
dbset:PRIMARY> db.auth('admin','net,admin168')
dbset:PRIMARY> use gold
dbset:PRIMARY> db.createUser( { user:'gold', pwd:'gold168', roles:[{roles:[{role:'userAdmin',db:'gold'},{role:'readWrite',db:'gold'}]})
dbset:PRIMARY> db.auth('gold','gold168')
dbset:PRIMARY> db.createCollection('site_table')
dbset:PRIMARY> db.site_table.insert({uid:'1',name:'xxxxx',url:'https://www.baidu.com',content:'百度'})
# 查看当前库的用户以及权限,需先进入该库
# dbset:PRIMARY> show users
# 查看所有用户,需进入 admin 库
# dbset:PRIMARY> db.system.users.find()
# 对用户授权/权限变更
# dbset:PRIMARY> db.grantRolesToUser( 'admin', [ { role:'clusterAdmin',db:'admin' }, { role:'clusterManager',db:'admin' } ] )
# 修改用户密码,需要进入指定的库
dbset:PRIMARY> db.changeUserPassword('admin','1234567890')
# 删除用户
dbset:PRIMARY> db.dropUser("admin");